25 March 2021

You don't control the work of your administrator as well?

IT network administrators ensure that enterprise employees can log in to their computers and company mail and use their company data without hindrance. Due to the administrators' broad powers and possibilities of interference in the IT infrastructure, the trend of using specialised tools to control the so-called privileged access is becoming increasingly popular.

Probably everyone remembers when Edward Snowden leaked several hundred thousand secret NSA documents. The media described this incident as one of US history's most significant data leaks. Another notorious leak was the data theft from about 80 million clients and US health insurance company employees, which resulted in an avalanche of lawsuits and the payment of enormous compensation. Similar consequences affected the Korean Credit Bureau, whose employee obtained confidential data on over 20 million Koreans (40% of the entire population!), and the resulting financial losses had to be covered by the company itself. Each of the listed incidents is connected by the fact that they occurred due to the actions of people with so-called privileged access to the company's IT systems.

In companies or institutions with no appropriate means of privileged access supervision, it is easy to find abuses and mistakes that no one will be able to detect. After all, administrators or companies providing IT services on behalf of enterprises have access to the most confidential information - they can track e-mail correspondence of employees, have an insight into payroll lists, the content of concluded contracts, can look at board resolutions, and even check the content of disks on the computers of the CEOs. They can also impersonate their users and deactivate expensive and extensive IT security software – antiviruses, firewalls or backup tools. In the absence of proper monitoring and management of privileged access, an error on the part of people with such access – whether deliberate or accidental – may be catastrophic for the company.

As DAGMA IT security experts point out, one of the most effective ways to maintain control over privileged access is to implement reliable and market-available Privileged Access Management solutions (in short and in an industry-specific slang simply called PAM). Such tools, e.g. Senhasegura, allow you to manage the passwords of people with higher authority (e.g. administrators), their access to data, key services and devices as well as monitor their actions. Thanks to this PAM is able to:

  • instantly detect attempts to steal or leak data (e.g. copying data on a flash drive),
  • identify improper work of companies providing IT services to the company (e.g. lack of service support in the frequency specified in the contract),
  • identify abuse of privileges by IT companies or company administrators (e.g. viewing payroll),
  • minimise retaliation from former employees (e.g. deleting company data or blocking access to IT services by changing access passwords).

The more privileges and access an employee, account, or process accumulates in a company, the greater the potential for abuse and the greater the risk of error. The implementation of a PAM solution such as SENHASEGURA not only minimises the possibility of IT security incidents but also helps significantly reduce the consequences of such incidents if they occur.

The author of the text is Maurycy Sklorz

ID wpisu: 33280

Mateusz Piątek
senior product manager Safetica / Holm Security / Senhasegura

Do you have any questions?
Contact me:
piatek.m@dagma.pl
532 570 255

Similar content: